So I wanted to make some shit for Linux, and couldn't work out where to begin working with Tibia.
First off, you'll probably want some tools. I'm using Xubuntu (and it's fucking lovely, I might add). If you want to do this the way I am, to avoid confusion, please follow each bit!
First, find an address. Use GameConquerer (available through the Ubuntu software centre). Crack it open, launch Tibia for Linux (DON'T USE WINE FOR ANY MEMORY READING SHIT! If you use Wine I don't think you can access to Linux client from CE @ Wine). Now, find a memory address. I found Experience, since it isn't XOr'd in Windows, I figured it would be easiest. Now we have somewhere to start.
Crack out your IDE or text editor, and slap this code in there:
So, what's it doing? Well, I'll explain as much as I know. In Linux you don't need any handle bullshit to read memory, and it appears there is no ASLR (fucking wonderful!) So you don't need to worry about getting base addresses and shit. Unfortunately, it's harder to find processes (in my experience) so you might have difficulty getting a PID automatically. So, first off we're declaring a pid_t as 4847 (my current Tibia PID, change it, you can find the PID in task manager or in GameConquerer - hereby referred to as GC). Next up is the address, declared as an int but written as a UInt (I think? IDFK). So, next up we have this whole ptrace shit. It was invented for debugging, so that people could monitor their memory usage remotely and find out what they are doing wrong. Gives us some tidy access, there is one small fault though. I think that when you call PTRACE_ATTACH, it stops the process, and until you call PTRACE_DETACH, the client freezes (aew shit) but I don't know for sure, not tested yet. Gonna try it in a bit.Code:#include <iostream> #include <string> #include <sys/ptrace.h> #include <errno.h> int main() { pid_t pid = 4847; int addr = 0x84a1bd8; long ret = ptrace(PTRACE_ATTACH, pid, NULL, NULL); cout << "ptrace Status: " << ret << endl; cout << "Errno: " << errno << endl; ret = ptrace(PTRACE_PEEKDATA, pid, addr, NULL); cout << "ptrace Status: " << ret << endl; cout << "Errno: " << errno << endl; ret = ptrace(PTRACE_DETACH, pid, NULL, NULL); cout << "ptrace Status: " << ret << endl; cout << "Errno: " << errno << endl; return 0; }
Google ptrace to get a list of possible options (e.g PTRACE_ATTACH, PTRACE_PEEKDATA, PTRACE_PEEKWORD etc). The other values are ofc process ID, address to peek, and the last one is a data structure, so if you make a struct for a battle list entry ptrace will grab the entire struct from memory starting at the address specified, and eat it all up straight into your variable. Fucking lovely.
Hope this helps someone. This is a default library on Linux (ptrace), and it is amazing from what I've seen so far. Taking just a PID and address as it appears in your tool is something I wish Windows would do.
Good luck, and let's all start doing it with penguins?????
Reply With Quote
Originally Posted by Vicentee
